lp://staging/ubuntu/quantal-updates/maas

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

24. By Seth Arnold on 2014-02-11

* SECURITY UPDATE: incorrect Content-type header allowed cross-site
  scripting vulnerability if an unknown API was used. (LP: #1251336)
  - debian/patches/CVE-2013-1070.patch: Use Content-type text/plain to force
    browsers to not render error messages as HTML.
  - CVE-2013-1070
* SECURITY UPDATE: /etc/maas/txlongpoll.yaml contained a publicly readable
  password. (LP: #1254034)
  - debian/maas-region-controller.postinst: chown and chmod
    /etc/maas/txlongpoll.yaml with correct permissions
  - CVE-2013-1069

23. By Seth Arnold on 2013-11-01

* SECURITY UPDATE: failure to authenticate downloaded content (LP: #1039513)
  - debian/patches/CVE-2013-1058.patch: Authenticate downloaded files with
    GnuPG and MD5SUM files. Thanks to Julian Edwards.
  - CVE-2013-1058
* SECURITY UPDATE: configuration options may be loaded from current working
  directory (LP: #1158425)
  - debian/patches/CVE-2013-1057-1-2.patch: Do not load configuration
    options from the current working directory. Thanks to Julian Edwards.
  - CVE-2013-1057

22. By Andres Rodriguez on 2013-03-07

* MAAS Stable Release Update (LP: #1109283):
  This SRU brings a new upstream release of MAAS that removes
  the usage of a cobbler code copy, 'maas-provision' as well as
  several bug fixes. Exception has been granted by the Technical
  Board to proceed. More information can be found in:
  https://lists.ubuntu.com/archives/ubuntu-devel-announce/2013-February/001012.html

[ Andres Rodriguez ]
* debian/control:
  - Change Conflicts/Replaces for Breaks/Replaces.
  - Conflicts on tftpd-hpa and dnsmasq.
  - Do not pre-depends, but Depends on ${misc:Depends} for 'maas'.

[ Steve Langasek ]
* postinst scripts are never called with 'reconfigure' as the script
  argument. Remove references to this (mythical) invocation.
* always call 'set -e' from maintainer scripts instead of passing 'sh -e'
  as the interpreter, so that scripts will behave correctly when run via
  'sh -x'.
* invoke-rc.d is never allowed to not exist - simplify scripts (and make
  them better policy-compliant) by invoking unconditionally. (The only
  possible exception is in the postrm, where it's *theoretically* possible
  for invoke-rc.d to be missing if the user has completely stripped
  down their system; that's a fairly unreasonable corner case, but we
  might as well be correct if it ever happens.)
* db_get+db_set is a no-op; don't call db_set to push back a value we just
  got from db_get.
* Omit superfluous calls to 'exit 0' at the end of each script.
* Remove maas-cluster-controller prerm script, which called debconf for no
  reason.
* Don't invoke debconf in the postrm script either, debhelper already does
  this for us.
* Other miscellaneous maintainer script fixes
* debian/maas-common.postinst: call adduser and addgroup unconditionally;
  the tools are already designed to DTRT, we don't need to check for the
  user/group existence before calling them nor should we worry about
  calling them only once on first install.
* debian/maas-common.postrm: delete the maas group, not just the user,
  as the comment in the code implies we should do.

21. By Andres Rodriguez on 2012-10-16

* New upstream bugfix release
  - Fixes commissioning failing to set memory attribute. (LP: #1064638)
  - Fixes node listing by adding pagination (LP: #1064672)
  - Changes default bind rndc key which breaks initscripts (LP: #1066938)
  - Fixes invalid DNS config once node is enlisted (LP: #1066958)
  - Reference documentation link to correct URL (LP: #1067261)

[ Andres Rodriguez ]
* debian/rules: Change upstream branch.

[ Gavin Panella ]
* debian/maas-dns.postinst: Remove MAAS-related include lines from named's
  config before adding a new one (LP: #1066929)

[ Raphael Badin ]
* debian/extras/maas-region-celeryd: Remove whitespace that affects DNS
  rabbitmq queue. (LP: #1067929)

20. By Andres Rodriguez on 2012-07-17

* New upstream release
* Only run 'maas' command as root. (LP: #974046)
  - debian/extras/maas: Check id.
  - debian/maas.install: Install in 'sbin'.
* debian/maas.postinst:
  - restart apache2 after everything gets processed.
  - Update version to handle upgrades.
* debian/extras/maas-provision: Add wrapper to access 'maasprovisiong'
  command line.
* debian/patches/99_temporary_fix_path.patch: Dropped. No longer needed.

19. By Andres Rodriguez on 2012-07-17

debian/control: Build-Dep on python-django instead of
python-django-configglue

18. By Andres Rodriguez on 2012-07-12

* New Upstream Release
* debian/patches:
  - 99_power_fixes.patch: Dropped. Merged Upstream.
  - 99_enums_js.patch: Dropped. No longer needed.
* Automatically build enums.js:
  - debian/control: Build-Depends on python-django-configglue
  - debian/rules: Build and install enums.js.
* debian/maas.postinst: Update version to handle upgrades

17. By Andres Rodriguez on 2012-07-03

* New upstream release
* debian/control: Depends on python-txtftp.
* debian/rules: Do not ship python-tx-tftp.
* debian/maas.postinst: Update version to upgrade successfully.
* debian/patches:
  - 02-pserv-config.patch: Refreshed.
  - 99_enums_js.patch: Updated.
  - 99_power_fixes.patch: Added temporarily to enable IPMI
  - 99_temporary_fix_path.patch: Added temporarily to not fail when
    importing celeryconfig

16. By Andres Rodriguez on 2012-07-03

* New Upstream release
* debian/control:
  - Depends on python-celery, python-tempita, libjs-yui3-{full,min},
    libjs-raphael
* debian/maas.install:
  - Install apiclient, celeryconfig.py, maas-import-pxe-files, preseeds_v2.
  - Update to install various files from chroot, rather tha manually copy
    them from the source.
* debian/maas.links: symlink celeryconfig.py
* debian/maas.maas-celery.upstart: Add job.
* debian/rules:
  - Install celery upstart job.
  - Do not install jslibs as packages are now used.
  - Drop copying of maas_local_settings_sample.py as source now ships
    a maas_local_settings.py
* debian/patches:
  - 04-maas-http-fix.patch: Drop. Merged upstream.
  - 01-fix-database-settings.patch: Refreshed.
  - 99_enums_js.patch: Added until creation of enum.js / build process
    is fixed.
* debian/maas.postinst: Update bzr version to correctly handle upgrades.

15. By Andres Rodriguez on 2012-04-17

* New upstream release (Fixes LP: #981103)
* debian/maas.postinst:
  - Make sure rabbitmq and postgresql are started on upgrade (LP: #981282)
  - Handle upgrades from any lower than 0.1+bzr462+dfsg-0ubuntu1 to
    correctly re-generate passwords, and not have db sync/migrate issues
    as config has changed upstream.
  - Correctly set Passwords for PSERV, otherwise it won't set new passwords.
* Allow MAAS_DEFAULT_URL reconfiguration. (LP: #980970)
  - debian/maas.config: Add reconfigure validation to correctly allow it,
    and ask a question.
  - debian/maas.postinst: Reconfigure DEFAULT_MAAS_URL as well as cobbler
    server and next_server for PXE/Provisioning.
  - debian/maas.templates: Add debconf question and update info.
* Do not lose MAAS_DEFAULT_URL settings on upgrade (LP: #984309)
* debian/maas.postinst:
  - Set cobbler password in between quotes (LP: #984427)
  - Do not change permissions to maas.log (LP: #980915)
* no longer use maas-cloudimg2ephemeral, but rather use premade images
  at http://maas.ubuntu.com